[HN Gopher] Analyzing and breaking an externally encrypted HDD
       ___________________________________________________________________
        
       Analyzing and breaking an externally encrypted HDD
        
       Author : Wingman4l7
       Score  : 54 points
       Date   : 2021-01-28 19:09 UTC (3 hours ago)
        
 (HTM) web link (syscall.eu)
 (TXT) w3m dump (syscall.eu)
        
       | RcouF1uZ4gsC wrote:
       | Great writing.
       | 
       | Currently, there is some person with $260M in Bitcoin on an
       | encrypted drive.
       | 
       | https://www.techradar.com/news/ironkey-maker-couldnt-unlock-...
       | 
       | I am sure they would be willing to split it.
        
         | LinuxBender wrote:
         | IronKey are a bit different in that they were actually designed
         | by hackers to be tamper-proof. The bar is a bit higher on that
         | one. Alex Stamos jokingly offered to crack it for a percentage.
         | AFAIK nobody has actually broken those yet.
        
       | teilo wrote:
       | LOL. This is about as secure as the spin dials on luggage. The
       | hardware contains the PIN # in memory that (presumably) decrypts
       | the key, just like any mechanical lock contains the combination
       | (in its physical configuration) that unlocks it.
       | 
       | And if the PIN implementation is this hackneyed, I have a feeling
       | that the so-called encryption is anything but.
        
         | loudmax wrote:
         | Clearly, a company advertising encrypted drives could and
         | should do better than this. Good on this researcher for calling
         | out shoddy workmanship and posting about it.
         | 
         | This is a warning to people with access to highly sensitive
         | data. But for everyday stuff, you do need to keep the value of
         | your data in perspective.
         | 
         | It took a security researcher 40 hours to crack this thing.
         | Should you store state secrets on this? No, it can be cracked
         | by a determined adversary. Would I feel safe storing my
         | personal financial data on a device like this one? Meh, sure,
         | good enough.
        
       | hyper_reality wrote:
       | Great writeup on how to do a black box "cold-boot stepping
       | attack"
       | (https://www.usenix.org/system/files/conference/woot17/woot17...)
       | on an encrypted HDD. This is why the recommendation is to use
       | encrypted filesystems rather than relying on the obscure hardware
       | device to do FDE securely. Which might seem obvious to most
       | readers here, but I guess that self-encrypting hard disks are
       | highly marketable.
        
       ___________________________________________________________________
       (page generated 2021-01-28 23:00 UTC)